Interface "Pauses"
-
I'm having a problem, and I'm wondering if its a configuration issue or something else that I might have missed.
I'm running embedded (alix), with a pretty "normal" configuration, an internet interface and a bunch of VLANs running on the "internal" interface, minimal filtering on the internal interfaces, lots of filtering on the Internet and DMZ interfaces.
Pfsense works very well, except that I experience interface pauses, as if the network has gone away for 10 or 15 seconds. Of course, my monitoring (from internal) goes nuts, and tells me that all of the external sites (and the ones in the DMZ) are down, when in fact, they're still there. I also see breaks in the graphs that monitor the NTP servers in the DMZ, which I'm also attributing to this. I've attached the ntp monitoring graph of the machine in the DMZ, where you can see the breaks in the data for Sunday around 2pm and again around 10pm.
The pfsense box itself doesn't appear to be under any stress (CPU utilzation ca 10 - 15%, states < 150, mbufs around 300). This nomally happens a few times within a 24-hour period.I dont have any explanation for this, except perhaps for some non-obvious misconfiguration. I'd appreciate any pointers.
-
Do you have spikes in throughput corresponding to that? An ALIX maxes out at about 85 Mbps, with many internal VLANs plus an internal DMZ plus an Internet connection, you could pretty easily pass enough traffic to max it out and make it start dropping packets.
-
Do you have spikes in throughput corresponding to that? An ALIX maxes out at about 85 Mbps, with many internal VLANs plus an internal DMZ plus an Internet connection, you could pretty easily pass enough traffic to max it out and make it start dropping packets.
I suppose its possible, but I really dont think this is likely. There is almost no traffic between the VLANs at all. There's some traffic (mail exchange, ntp) between the internet and the DMZ, and outbound traffic from the internal VLAN (standard surfing, etc). Looking over the RRD graphs, there's rarely more than a few hundred Kb/s in total through all of the interfaces. In addition, I've often seen these drops when there is almost no traffic (i.e. in the middle of the night/wee in the morning).
-
Some sort of hardware glitch and/or enet driver bug?
-
Slow CF card….. I had the same issues and changed to HD SCSI install. Now the probs has dissapered..
-
Slow CF card….. I had the same issues and changed to HD SCSI install. Now the probs has dissapered..
Disk I/O speed has absolutely nothing to do with the throughput capacity of the system (assuming you aren't using Squid). On a stock install with no packages, the disk will never be a factor in network throughput.
-
Well, not disk speed, per-se, but maybe his CF card is crappy or there is some interface issue causing a minihang for several seconds?
-
Well, I can make some attempts to eliminating the hardware (per se) by swapping the CF card into another Alix board, and seeing if I still get the pauses there. In addition try a different CF card altogether (a real SanDisk) as opposed to the leftovers I've been using, and the ones I've gotten directly from pcengines. I seriously doubt this is the issue, though. I might believe the hardware, as I did have MASSIVE problems with 2.0, where the box would not stay up (i.e. panicked) after about 12-16 hours running…...